How does DS (All versions) store password values?
The purpose of this article is to provide information on the password storage scheme formats used in DS. This information can help you understand the secureness of different schemes and how they compare. Additionally this information may be helpful if you have passwords hashed in another system and want to convert them for import into DS.
6 readers recommend this article
Overview
DS 7 introduced new password storage schemes, and also disabled less secure and reversible schemes by default for improved security. See Default Security Settings for further information.
The password storage schemes enabled by default are:
- Argon2 (DS 7.2 and later)
- Bcrypt
- PBKDF2-HMAC-SHA256
- PBKDF2-HMAC-SHA512
- SCRAM-SHA-256
- SCRAM-SHA-512
Password storage scheme formats
The following table provides details of the password scheme formats in use in DS, where:
- <digest> is the bytes returned from the relevant asymmetric hashing function.
- <encrypted> is the bytes returned from the relevant symmetric encryption function.
- <salt> is the salt bytes.
- <iterations> is the number of iterations.
- base64(...) is the standard base64 encoding of ...
- "" surrounds literal characters in the password value.
Password Schemes
Name | Applicable versions | Salt size (bytes) | Key size (bits) | Format |
---|---|---|---|---|
3DES | All ± | 168 | "{3DES}" base64(<encrypted>) | |
AES | All ± | 128 | "{AES}" base64(<encrypted>) | |
Argon2 | DS 7.2 and later | 16 |
"{ARGON2}" "$" <variant> "$v=19 "$m=" <memory> ",t=" <iterations> ",p=" <parallelism> "$" base64(<salt>) "$" base64(<hash>) Where:
|
|
Base64 | All | "{BASE64}" base64(<password>) | ||
Bcrypt * | All | 16 | "{BCRYPT}" <digest> | |
Blowfish | All ± | 128 | "{BLOWFISH}" base64(<encrypted>) | |
Clear | All | "{CLEAR}" <password> | ||
Crypt
|
All |
|
|
|
MD5 | Pre-DS 7 | "{MD5}" base64(<digest>) | ||
PBKDF2 (PBKDF2-HMAC-SHA1) | All | 16 (8 in pre-DS 7) | "{PBKDF2}" <iterations> ":" base64(<digest> <salt>) | |
PBKDF2-HMAC-SHA256 | DS 7 and later | 16 | "{PBKDF2-HMAC-SHA256}" <iterations> ":" base64(<digest> <salt>) | |
PBKDF2-HMAC-SHA512 | DS 7 and later | 16 | "{PBKDF2-HMAC-SHA512}" <iterations> ":" base64(<digest> <salt>) | |
PKCS5S2 (PKCS#5 V2.0 Scheme 2) **** | All | 16 | "{PKCS5S2}" base64(<digest> <salt>) | |
RC4 | Pre-DS 7 ± | 128 | "{RC4}" base64(<encrypted>) | |
Salted MD5 | Pre-DS 7 | 8 | "{SMD5}" base64(<digest> <salt>) | |
Salted SHA-1 | All | 16 (8 in pre-DS 7) | "{SSHA}" base64(<digest> <salt>) | |
Salted SHA-256 | All | 16 (8 in pre-DS 7) | "{SSHA256}" base64(<digest> <salt>) | |
Salted SHA-384 | All | 16 (8 in pre-DS 7) | "{SSHA384}" base64(<digest> <salt>) | |
Salted SHA-512 | All | 16 (8 in pre-DS 7) | "{SSHA512}" base64(<digest> <salt>) | |
SCRAM-SHA-256 | DS 7 and later | Refer to RFC 5802, RFC 5803 and RFC 7677 for further details on the format. | ||
SCRAM-SHA-512 | DS 7 and later | Refer to RFC 5802, RFC 5803 and RFC 7677 for further details on the format. | ||
SHA-1 | All | "{SHA}" base64(<digest>) |
± Deprecated in DS 7
* This <digest> is OpenBSD's bcrypt implementation, which uses a custom base64 encoding. See bcrypt - A FutureAdaptable Password Scheme for further information.
** This is a traditional Unix algorithm (12-bit salt).
*** See Modular Crypt Format for further information.
**** See Atlassian’s PBKDF2-based Hash for further information.
See Password Storage Scheme for details of what properties are allowed for each scheme.
Example Using Salted SHA-1
The following Java 11 code breaks apart a password hashed using the Salted SHA-1 scheme. The SHA-1 algorithm always returns 20 bytes, and the example code works successfully with passwords encoded with different size salts:
import java.util.Arrays; import java.util.Base64; public class Demo { static final int SHA_ALGORITHM_SIZE = 20; // Number of bytes returned from a SHA-1 hash static final String PREFIX = "{SSHA}"; // Salted SHA-1 prefix public static void main(String[] args) { var original = "{SSHA}jDgrs5iv+guDhuU9tuWp3Y4NIMxJ8jb8Cd1uu8w/urdrRB5V"; // "secret" var base64 = original.substring(PREFIX.length()); var bytes = Base64.getDecoder().decode(base64); var hashBytes = Arrays.copyOfRange(bytes, 0, SHA_ALGORITHM_SIZE); var saltBytes = Arrays.copyOfRange(bytes, SHA_ALGORITHM_SIZE, bytes.length); System.out.println("Hash length = " + hashBytes.length); System.out.println("Salt length = " + saltBytes.length); } }For example, if you save this as Demo.java and run it:$ javac Demo.java ; java Demo Hash length = 20 Salt length = 16
See Also
Related Training
N/A
Related Issue Tracker IDs
N/A